VYPR
High severity7.2NVD Advisory· Published May 12, 2026· Updated May 15, 2026

CVE-2026-8051

CVE-2026-8051

Description

OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

Affected products

5
  • cpe:2.3:a:ivanti:virtual_traffic_manager:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:ivanti:virtual_traffic_manager:*:*:*:*:*:*:*:*range: <=22.8
    • cpe:2.3:a:ivanti:virtual_traffic_manager:22.9:r1:*:*:*:*:*:*
    • cpe:2.3:a:ivanti:virtual_traffic_manager:22.9:r2:*:*:*:*:*:*
    • cpe:2.3:a:ivanti:virtual_traffic_manager:22.9:r3:*:*:*:*:*:*
    • (no CPE)range: <22.9r4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.